f87dc94bb2343d1693a87c773f53a793f5a8b5f589cd9048a6533c8db8e41abe | Triage

Sharing

General

Target

736cafa831b40e66fe1c41a5db6e5926
Size

1.1MB
Sample

240125-cadzksdff2
MD5

736cafa831b40e66fe1c41a5db6e5926
SHA1

edfdbbacd95b4353f7dd9f7e73f04f400954bc98
SHA256

f87dc94bb2343d1693a87c773f53a793f5a8b5f589cd9048a6533c8db8e41abe
SHA512

b34185f31444243fdf38206d72d27f5254dd43a13147f73ef7b4da1ab698f8a894cf0954d3319c37dab55034a35ee9fb573712ba2f610c24a1a02e19035f89d2
SSDEEP

24576:VMKso1KxHzTDfGOH4T48mAymAyMhCn8BezIN6fkXcyPF+u9QzGR0nalY7e5cPytM:VMKsEizT7cT48mnmlMhCn8BezIN6fkXz

Score

7^/10

Malware Config

Targets

- Target
  
  736cafa831b40e66fe1c41a5db6e5926
- Size
  
  1.1MB
- MD5
  
  736cafa831b40e66fe1c41a5db6e5926
- SHA1
  
  edfdbbacd95b4353f7dd9f7e73f04f400954bc98
- SHA256
  
  f87dc94bb2343d1693a87c773f53a793f5a8b5f589cd9048a6533c8db8e41abe
- SHA512
  
  b34185f31444243fdf38206d72d27f5254dd43a13147f73ef7b4da1ab698f8a894cf0954d3319c37dab55034a35ee9fb573712ba2f610c24a1a02e19035f89d2
- SSDEEP
  
  24576:VMKso1KxHzTDfGOH4T48mAymAyMhCn8BezIN6fkXcyPF+u9QzGR0nalY7e5cPytM:VMKsEizT7cT48mnmlMhCn8BezIN6fkXz
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2